Aggregator

Авторизация? Это пережиток прошлого, считают хакеры.

CISA has demanded federal agencies patch a zero-day vulnerability affecting Samsung devices used in LandFall spyware attacks

速修复

速修复

近一半公司尚未修复问题

Rocket Lab CEO Pete Beck 在周一的财报电话会议上宣布该公司的中型火箭 Neutron 将推迟到明年初发射。Rocket Lab 是在 2021 年宣布了挑战 SpaceX Falcon 9 火箭的 Neutron 火箭，能将 8 吨重的负荷发射到低地球轨道，第一级是完全可重复使用的，能着陆在海上浮动平台，原计划 2024 年首飞，但之后推迟到 2025 年，现在进一步推迟到 2026 年。Beck 表示 Neutron 火箭将于明年第一季度运至弗吉尼亚州 Wallops Flight Facility 的 2 号发射台，之后择时发射。他表示不会被任意设定的期限所束缚，不会匆忙发射，想要确保首次试飞就成功入轨。

A vulnerability was found in QNAP Photo Station up to 5.2.6/5.4.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component XMR Mining. The manipulation results in privilege escalation. This vulnerability was named CVE-2017-20210. The attack needs to be approached within the local network. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in Zoom Workplace and Meeting SDK 6.4.5/6.4.13 on Android. It has been classified as critical. Affected is an unknown function. The manipulation leads to improper authorization. This vulnerability is uniquely identified as CVE-2025-64741. Local access is required to approach this attack. No exploit exists. Upgrading the affected component is recommended.

A vulnerability was found in Zoom Workplace VDI Client on Windows and classified as critical. This impacts an unknown function. Executing manipulation can lead to improper verification of cryptographic signature. This vulnerability is handled as CVE-2025-64740. It is possible to launch the attack on the local host. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability has been found in Zoom Workplace, Workplace VDI Client, Rooms, Rooms Controller and Meeting SDK 6.5.0 and classified as problematic. This affects an unknown function. Performing manipulation results in file inclusion. This vulnerability is known as CVE-2025-64739. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

本项目研发了由大模型驱动的AI自主威胁狩猎智能体，构建多智能体协作体系，具备意图识别、日志搜索、数据分析、规则生成与自我反思等能力，实现“自主发现—分析—响应—防御加固”的闭环狩猎流程，显著提升安全运营的智能化与自动化水平。

在双十一购物狂欢的背后，骗子“趁乱”布下圈套，伺机下手。这3种套路千万小心！

中国国家网络与信息安全信息通报中心通过支撑单位发现一批境外恶意网址和恶意IP，境外黑客组织利用这些网址和IP持续对中国和其他国家发起网络攻击。

《全球发展倡议数字普惠行动倡议》的发布不仅是对联合国2030年可持续发展议程的积极响应，更是构建“网络空间命运共同体”理念的务实行动纲领，为全球数字治理贡献了系统性、可操作的中国方案。

自2008年比特币诞生以来，数字加密货币已从早期小众极客圈层的边缘，逐步进入主流金融视野，成为全球金融生态无法忽视的组成部分。

美国防部强制执行CMMC计划或将冲击国防供应链

未来一年的核心关键词是AI、网络犯罪与国家行为体

A vulnerability, which was classified as problematic, was found in Zoom Workplace and Workplace Meeting SDK on macOS. The impacted element is an unknown function. Such manipulation leads to file inclusion. This vulnerability is traded as CVE-2025-64738. An attack has to be approached locally. There is no exploit available. You should upgrade the affected component.

美国多个政府机构以国家安全风险提议禁售普联路由器（TP-Link）。总部位于美国加州的 TP-Link Systems 否认它对美国国家安全构成风险的指控，称它已经与总部位于中国的 TP-Link Technologies 完全切割，它在新加坡有分公司，在越南有生产基地，除芯片组外所有产品的研发、设计、生产和制造均自主完成。TP-Link Systems 发言人称，TP-Link 是一家美国公司，致力于为美国及其它市场提供高质量安全的产品。TP-Link 称它的竞争对手也从中国采购零部件，中国以及其它国家的 APT 组织也在利用思科和 Netgear 等竞争对手产品中的漏洞。

A vulnerability, which was classified as problematic, has been found in Zoom Workplace and Meeting SDK 6.4.5/6.4.13. The affected element is an unknown function. This manipulation causes inefficient regular expression complexity. This vulnerability appears as CVE-2025-62484. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.